package com.itpeng.security;

/**
 * @Aythor:彭彦钦
 * @Data: 2020/9/27  12:19
 */

import com.itpeng.pojo.Permission;
import com.itpeng.pojo.Role;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class Login implements UserDetailsService {
    //创建加密器
    private BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();

    /**
     * 假设从数据库查询
     * @param username
     * @return
     */
    private com.itpeng.pojo.User findByUsername (String username){
        if("admin".equals(username)) {

            com.itpeng.pojo.User user = new com.itpeng.pojo.User();
            user.setUsername("admin");

            //user.setPassword("admin");
            //使用加密器后的代码
            user.setPassword(encoder.encode("admin"));

            Role role = new Role();
            role.setKeyword("ROLE_ADMIN");
            Permission permission = new Permission();
            permission.setKeyword("ADD_CHECKITEM");
            role.getPermissions().add(permission);

            Set<Role> roleList = new HashSet<Role>();
            roleList.add(role);

            user.setRoles(roleList);
            return user;
        }
        return null;
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        //通过用户名查询用户
        com.itpeng.pojo.User userInDB = findByUsername(username);
        if (userInDB == null){
            return null;
        }
        // String password, 数据库中的密码, 密码校验(security帮我们做了)
        // Collection<? extends GrantedAuthority> authorities 权限集合
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();

        /*//如果存在用，则获得用户身上的角色与权限，并存入集合中
        Set<Role> roles = userInDB.getRoles();
        //遍历角色
        for (Role role : roles) {
            GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(role.getKeyword());
            authorities.add(grantedAuthority);
            //对角色身上的所有权限进行遍历，获得其身上的权限
            for (Permission permission : role.getPermissions()) {
                grantedAuthority = new SimpleGrantedAuthority(permission.getKeyword());
                authorities.add(grantedAuthority);
            }
        }*/

        //其他方式的认证
        GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_ADMIN");
        authorities.add(ga);
        ga = new SimpleGrantedAuthority("add");
        authorities.add(ga);
        //将用户的账号密码，以及权限集合存入
        User user = new User(username, userInDB.getPassword(), authorities);
        return user;
    }
}
